製品・ソフトウェアに関する情報

JVN脆弱性詳細

Library of Assorted Spiffy Things におけるバッファオーバーフローの脆弱性

Title	Library of Assorted Spiffy Things におけるバッファオーバーフローの脆弱性
Summary	Library of Assorted Spiffy Things (LibAST) には、バッファオーバーフローの脆弱性が存在します。
Possible impacts	ローカルユーザにより、任意のコードを実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Jan. 25, 2006, midnight
Registration Date	March 11, 2014, 5:43 p.m.
Last Update	March 11, 2014, 5:43 p.m.

Affected System

libast

libast 0.6.1 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2006-0224	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224
National Vulnerability Database (NVD)
2	CVE-2006-0224	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0224

ベンダー情報

No	Name	URL
関連リンク
1	?branch_id=17907&release_id=217840	http://freshmeat.net/projects/libast/?branch_id=17907&release_id=217840
2	read_bugs.php?id=25	http://www.rosiello.org/en/read_bugs.php?id=25
3	threaded	http://www.securityfocus.com/archive/1/archive/1/423207/100/0/threaded
4	threaded	http://www.securityfocus.com/archive/1/archive/1/423088/100/0/threaded

Change Log

No	Changed Details	Date of change
0	[2014年03月11日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2006-0224

Summary	Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name).
Publication Date	Jan. 25, 2006, 11:03 a.m.
Registration Date	Jan. 29, 2021, 3:30 p.m.
Last Update	Oct. 20, 2018, 12:43 a.m.

Affected software configurations

Related information, measures and tools

No	URL	refsource	タグ
1	http://freshmeat.net/projects/libast/?branch_id=17907&release_id=217840	CONFIRM
2	http://secunia.com/advisories/18586	SECUNIA
3	http://secunia.com/advisories/18632	SECUNIA
4	http://secunia.com/advisories/18916	SECUNIA
5	http://securityreason.com/securityalert/373	SREASON
6	http://www.debian.org/security/2006/dsa-976	DEBIAN
7	http://www.gentoo.org/security/en/glsa/glsa-200601-14.xml	GENTOO
8	http://www.mandriva.com/security/advisories?name=MDKSA-2006:029	MANDRIVA
9	http://www.osvdb.org/22735	OSVDB
10	http://www.rosiello.org/en/read_bugs.php?id=25	MISC	Patch Vendor Advisory
11	http://www.securityfocus.com/archive/1/423088/100/0/threaded	BUGTRAQ
12	http://www.securityfocus.com/archive/1/423207/100/0/threaded	BUGTRAQ
13	http://www.securityfocus.com/archive/1/423366/100/0/threaded	BUGTRAQ
14	http://www.securityfocus.com/bid/16350	BID	Exploit
15	http://www.vupen.com/english/advisories/2006/0314	VUPEN
16	https://exchange.xforce.ibmcloud.com/vulnerabilities/24303	XF

Common Vulnerabilities List